Cisco AMP | Marketplace

Details
Content
Dependencies
Version History

Uses CISCO AMP Endpoint

Integrations

Name	Description
AMP	Uses CISCO AMP Endpoint
Cisco AMP v2	Cisco Advanced Malware Protection software is designed to prevent, detect, and help remove threats in an efficient manner from computer systems. Threats can take the form of software viruses and other malware such as ransomware, worms, Trojans, spyware, adware, and fileless malware.

Integrations

Name	Description
Cisco AMP Event Collector	This is the Cisco AMP event collector integration for Cortex XSIAM.
AMP	Uses CISCO AMP Endpoint
Cisco AMP v2	Cisco Advanced Malware Protection software is designed to prevent, detect, and help remove threats in an efficient manner from computer systems. Threats can take the form of software viruses and other malware such as ransomware, worms, Trojans, spyware, adware, and fileless malware.

Modeling Rules

Name	Description
AMP Modeling Rule

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

2.1.7 - 2124314 (February 2, 2025)

Integrations

Cisco AMP v2

Updated the file command's documentation which supporting only SHA256 as an input.

Related pull requests:
- 38434

Download

2.1.6 - 2094777 (January 28, 2025)

Integrations

Cisco AMP v2

Fixed an issue where file command failed due to file does not exist.

Related pull requests:
- 38346

Download

2.1.5 - R2040490 (January 22, 2025)

Integrations

Cisco AMP v2

Improved debugging logs.

Related pull requests:
- 37788

Download

2.1.4 - 1718057 (November 28, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

2.1.3 - R1681986 (November 21, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

2.1.2 - 865088 (March 3, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.88772.

Related pull requests:
- 33184

Download

2.1.1 - 823153 (February 12, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 32837

Download

2.1.0 - 792350 (January 29, 2024)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 32106

Download

2.0.19 - 757686 (January 11, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32061

Download

2.1.7 - 2124314 (February 2, 2025)

Integrations

Cisco AMP v2

Updated the file command's documentation which supporting only SHA256 as an input.

Related pull requests:
- 38434

Download

2.1.6 - 2094777 (January 28, 2025)

Integrations

Cisco AMP v2

Fixed an issue where file command failed due to file does not exist.

Related pull requests:
- 38346

Download

2.1.5 - R2040490 (January 22, 2025)

Integrations

Cisco AMP v2

Improved debugging logs.

Related pull requests:
- 37788

Download

2.1.4 - 1718057 (November 28, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.11.10.115186.

Cisco AMP Event Collector

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

2.1.3 - R1681986 (November 21, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.14.91134.

Cisco AMP Event Collector

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

2.1.2 - 865088 (March 3, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.88772.

Cisco AMP Event Collector

Updated the Docker image to: demisto/python3:3.10.13.88772.

Related pull requests:
- 33184

Download

2.1.1 - 821588 (February 12, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.87159.

Cisco AMP Event Collector

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 32837

Download

2.1.0 - 792350 (January 29, 2024)

Integrations

New: Cisco AMP Event Collector

New: This is the Cisco AMP event collector integration for Cortex XSIAM.(Available from Cortex XSIAM 2.0).

Modeling Rules

New: AMP Modeling Rule

Added support for Cisco Secure Endpoint events.

Related pull requests:
- 32106

Download

2.0.19 - 757686 (January 11, 2024)

Integrations

Cisco AMP v2

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32061

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 30, 2020
Last Release	February 2, 2025

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.